Help Needed: Best Setup for Plex Server, Pi-hole, Network Segmentation, and WireGuard
Equipment:
• Dell OptiPlex 5090 (i7-11700K, 32GB RAM, 1TB M.2 SSD)
• Verizon 1G Fiber Internet Router
• UniFi Switch, AP, and Cloud Key (No Gateway)
• Raspberry Pi 3B+
• Synology DS1821+
Goals:
1. Plex Server: Set up on the OptiPlex.
2. Pi-hole: Implement ad-blocking, potentially with redundancy.
3. Network Segmentation: Create three separate networks - Main home network, Guest network, and IoT network.
4. WireGuard VPN: Set up WireGuard on a container for secure remote access.
5. Firewall/Router Control: Decide between using Verizon’s router (with pfSense) or using the UniFi Controller.
Questions:
1. Network Setup:
• Back story about my network: Before Verizon Fiber 1G, I had a USG3P gateway, which is why I have my UniFi switch and AP with a UniFi Cloud Key. Now that I switched to Verizon Fiber, I couldn’t get my 1Gb up or down speed due to the USG3P limitations. Hence, I removed it and used the Verizon router. I still have my switch and other UniFi equipment connected, although I am using the Verizon router for DHCP and WiFi.
• Should I use Verizon’s built-in guest and IoT networks with pfSense, or configure these networks through my UniFi AP?
• What are the pros and cons of each approach?
2. System Configuration:
• Should I install Proxmox and then run Ubuntu Server on it, or directly install Ubuntu Server on the OptiPlex?
• If I go with Proxmox, should I use Docker and Portainer on Ubuntu Server for container management, or utilize Proxmox LXC containers for running my services (Plex, Pi-hole, WireGuard, etc.)?
3. Pi-hole Redundancy:
• What’s the best way to set up Pi-hole redundancy? Is it better to use the Raspberry Pi as a secondary Pi-hole instance, or should I look at other redundancy strategies?
4. WireGuard Setup:
• What’s the best way to set up WireGuard in a container? Are there any specific considerations or best practices I should be aware of?
I prefer a setup that ensures smooth and uninterrupted operation of my Plex server while maintaining network security and segmentation.
I’m new to some of these technologies, so advice on the easiest and most reliable setup would be appreciated.
Thanks in advance for your help!